Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 220
CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, sp ...
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never alloca ...
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. T ...
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressi ...
CVE-2024-6606
Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.
CVE-2024-6606
Clipboard code failed to check the index on an array access. This coul ...
CVE-2024-6605
Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-6610 Form validation popups could capture escape key presses. Therefore, sp ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
 | CVE-2024-6609 When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128. | CVSS3: 8.8 | 1% Низкий | больше 1 года назад |
| CVE-2024-6609 When almost out-of-memory an elliptic curve key which was never alloca ... | CVSS3: 8.8 | 1% Низкий | больше 1 года назад |
| CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. T ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-6607 It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-6607 It was possible to prevent a user from exiting pointerlock when pressi ... | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-6606 Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128. | CVSS3: 8.2 | 0% Низкий | больше 1 года назад |
| CVE-2024-6606 Clipboard code failed to check the index on an array access. This coul ... | CVSS3: 8.2 | 0% Низкий | больше 1 года назад |
| CVE-2024-6605 Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу